More on LinuxToday

Korset: Linux Security Thanks to Static Analysis

"Since most attacks are accompanied by system calls,
the CFGs limit themselves to these calls and document the
legitimate pattern for each application. If a program deviates from
the pattern, the kernel ends the process."